powerdns-recursor -- Crafted query can cause a denial of service

Details

VuXML ID

f6d6308a-f2ec-11e8-b005-6805ca2fa271

Discovery

2018-11-26

Entry

2018-12-09

powerdns Team reports:

CVE-2018-16855: An issue has been found in PowerDNS Recursor where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash. When the PowerDNS Recursor is run inside a supervisor like supervisord or systemd, a crash will lead to an automatic restart, limiting the impact to a somewhat degraded service.